Hello,
Does Suricata-IDS check the af-packet section in monitoring mode? My af-packet section is as below:
af-packet:
  - interface: CLIENT
    threads: auto
    defrag: yes
    cluster-type: cluster_flow
    cluster-id: 98
    copy-mode: ips
    copy-iface: SERVER
    buffer-size: 64535
    use-mmap: yes
  - interface: SERVER
    threads: auto
    cluster-id: 97
    defrag: yes
    cluster-type: cluster_flow
    copy-mode: ips
    copy-iface: CLIENT
    buffer-size: 64535
    use-mmap: yes
  - interface: NAT
    threads: auto
    cluster-id: 96
    cluster-type: cluster_flow
    defrag: yes
    use-mmap: yes
    tpacket-v3: yes
When I run Suricata-IDS, I get the following error message:
# suricata -i CLIENT
i: suricata: This is Suricata version 7.0.0 RELEASE running in SYSTEM mode
E: af-packet: thread number not equal
E: af-packet: Some IPS capture threads did not peer.
Thank you.